March 7, 2001

Advisory for proftpd

Author: JT Smith

From "The following problems have been reported for the version of proftpd in
Debian 2.2 (potato):

1. There is a configuration error in the postinst script, when the user
enters 'yes', when asked if anonymous access should be enabled.
The postinst script wrongly leaves the 'run as uid/gid root' configuration
option in /etc/proftpd.conf, and adds a 'run as uid/gid nobody' option that
has no effect.

2. There is a bug that comes up when /var is a symlink, and proftpd is
restarted. When stopping proftpd, the /var symlink is removed; when it's
started again a file named /var is created."


  • Linux
Click Here!